

<?php
require_once("coneccion.php");
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}
//enviar un formulario a un servidor php
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['txtuser'])) {
  $user=$_POST['txtuser'];
  $password=$_POST['txtpwd'];
  
  $MM_redirectLoginFailed = "index.php";
  $MM_redirecttoReferrer = true;

  

   $LoginRS__query=sprintf("SELECT * FROM usuarios WHERE user=%s AND password=%s",GetSQLValueString($user, "text"), GetSQLValueString($password, "text")); 

	

  $LoginRS = mysql_query($LoginRS__query,$db ) or die(mysql_error($db));

  $loginFoundUser = mysql_num_rows($LoginRS);

  if ($loginFoundUser) {
     $loginStrGroup = "";
   
    //declare two session variables and assign them
    
    $_SESSION['user'] = mysql_result($LoginRS,0,2);
    

    $_SESSION['user_fullname'] = mysql_result($LoginRS,0,4);
     $_SESSION['user_tipo'] = mysql_result($LoginRS,0,1);
	$_SESSION['user_id'] = mysql_result($LoginRS,0,0);
	if($_SESSION['user_tipo']=="administrador"){
		$MM_redirectLoginSuccess = "/PhpProject1/Admin/index.php";
                
               
	}else{
		$MM_redirectLoginSuccess = "/PhpProject1/usuarios/index.php";
	}
	
    if (isset($_SESSION['PrevUrl']) && true) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>

<head>
    <script type="text/javascript" src="/PhpProject1/js/jquery.js" charset="utf-8"></script>
    <script type="text/javascript" src="/PhpProject1/js/login.js" charset="utf-8"></script>
    
</head>
<body id="" style="background-color:#0590B9">
    <form action='index.php' method='post' enctype='multipart/form-data' name='contacto' id='contacto'>
     <div style="background-image: url('img/login.png')"></div>
    <div  style="margin:0 auto">
        <div style="background-color: #C5E6EA;width: 332px;height: 130px;margin:0 auto;margin-top: 50px">
         </div>
        
        <div style="background-color: #ffffff;width: 332px;height: 200px;margin:0 auto;">
            <img src='img/cabezera.png' />
            <br><br>
            <div style="font-weight:bold;text-align:left;">&nbsp;&nbsp;Username:<input type="text" name="txtuser" id="txtuser" value="" /></div> <br>
            <div style="font-weight:bold;text-align:left;">&nbsp;&nbsp;Password:<input type="text" name="txtpwd" id="txtpwd" value="" /></div> <br>
            &nbsp;&nbsp;<input type="submit" id="" value="ingresar" />
        </div>
    </div>
    </form>
</body>    
